< prev index next >
src/share/classes/sun/security/provider/DSAParameterGenerator.java
Print this page
rev 12543 : 8181048: Refactor existing providers to refer to the same constants for default values for key length
Reviewed-by: mullan, ahgross
*** 1,7 ****
/*
! * Copyright (c) 1997, 2012, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
--- 1,7 ----
/*
! * Copyright (c) 1997, 2017, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
* under the terms of the GNU General Public License version 2 only, as
* published by the Free Software Foundation. Oracle designates this
*** 32,50 ****
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.InvalidParameterException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidParameterSpecException;
import java.security.spec.DSAParameterSpec;
import java.security.spec.DSAGenParameterSpec;
/**
! * This class generates parameters for the DSA algorithm. It uses a default
! * prime modulus size of 1024 bits, which can be overwritten during
! * initialization.
*
* @author Jan Luehe
*
*
* @see java.security.AlgorithmParameters
--- 32,53 ----
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.InvalidParameterException;
import java.security.MessageDigest;
import java.security.SecureRandom;
+ import java.security.ProviderException;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidParameterSpecException;
import java.security.spec.DSAParameterSpec;
import java.security.spec.DSAGenParameterSpec;
+ import static sun.security.util.SecurityProviderConstants.DEF_DSA_KEY_SIZE;
+ import static sun.security.util.SecurityProviderConstants.getDefDSASubprimeSize;
+
+
/**
! * This class generates parameters for the DSA algorithm.
*
* @author Jan Luehe
*
*
* @see java.security.AlgorithmParameters
*** 54,67 ****
* @since 1.2
*/
public class DSAParameterGenerator extends AlgorithmParameterGeneratorSpi {
- // the default parameters
- private static final DSAGenParameterSpec DEFAULTS =
- new DSAGenParameterSpec(1024, 160, 160);
-
// the length of prime P, subPrime Q, and seed in bits
private int valueL = -1;
private int valueN = -1;
private int seedLen = -1;
--- 57,66 ----
*** 81,123 ****
* and source of randomness.
*
* @param strength the strength (size of prime) in bits
* @param random the source of randomness
*/
protected void engineInit(int strength, SecureRandom random) {
! if ((strength >= 512) && (strength <= 1024) && (strength % 64 == 0)) {
! this.valueN = 160;
! } else if (strength == 2048) {
! this.valueN = 224;
! // } else if (strength == 3072) {
! // this.valueN = 256;
! } else {
! throw new InvalidParameterException
! ("Prime size should be 512 - 1024, or 2048");
}
this.valueL = strength;
this.seedLen = valueN;
this.random = random;
}
/**
* Initializes this parameter generator with a set of
* algorithm-specific parameter generation values.
*
! * @param genParamSpec the set of algorithm-specific parameter generation values
* @param random the source of randomness
*
* @exception InvalidAlgorithmParameterException if the given parameter
* generation values are inappropriate for this parameter generator
*/
protected void engineInit(AlgorithmParameterSpec genParamSpec,
! SecureRandom random)
! throws InvalidAlgorithmParameterException {
if (!(genParamSpec instanceof DSAGenParameterSpec)) {
throw new InvalidAlgorithmParameterException("Invalid parameter");
}
! DSAGenParameterSpec dsaGenParams = (DSAGenParameterSpec) genParamSpec;
int primePLen = dsaGenParams.getPrimePLength();
if (primePLen > 2048) {
throw new InvalidParameterException
("No support for prime size " + primePLen);
}
--- 80,121 ----
* and source of randomness.
*
* @param strength the strength (size of prime) in bits
* @param random the source of randomness
*/
+ @Override
protected void engineInit(int strength, SecureRandom random) {
! if ((strength != 2048) &&
! ((strength < 512) || (strength > 1024) || (strength % 64 != 0))) {
! throw new InvalidParameterException(
! "Unexpected strength (size of prime): " + strength +
! ". Prime size should be 512-1024, or 2048");
}
this.valueL = strength;
+ this.valueN = getDefDSASubprimeSize(strength);
this.seedLen = valueN;
this.random = random;
}
/**
* Initializes this parameter generator with a set of
* algorithm-specific parameter generation values.
*
! * @param genParamSpec the set of algorithm-specific parameter
! * generation values
* @param random the source of randomness
*
* @exception InvalidAlgorithmParameterException if the given parameter
* generation values are inappropriate for this parameter generator
*/
+ @Override
protected void engineInit(AlgorithmParameterSpec genParamSpec,
! SecureRandom random) throws InvalidAlgorithmParameterException {
if (!(genParamSpec instanceof DSAGenParameterSpec)) {
throw new InvalidAlgorithmParameterException("Invalid parameter");
}
! DSAGenParameterSpec dsaGenParams = (DSAGenParameterSpec)genParamSpec;
int primePLen = dsaGenParams.getPrimePLength();
if (primePLen > 2048) {
throw new InvalidParameterException
("No support for prime size " + primePLen);
}
*** 138,152 ****
try {
if (this.random == null) {
this.random = new SecureRandom();
}
if (valueL == -1) {
! try {
! engineInit(DEFAULTS, this.random);
! } catch (InvalidAlgorithmParameterException iape) {
! // should never happen
! }
}
BigInteger[] pAndQ = generatePandQ(this.random, valueL,
valueN, seedLen);
BigInteger paramP = pAndQ[0];
BigInteger paramQ = pAndQ[1];
--- 136,146 ----
try {
if (this.random == null) {
this.random = new SecureRandom();
}
if (valueL == -1) {
! engineInit(DEF_DSA_KEY_SIZE, this.random);
}
BigInteger[] pAndQ = generatePandQ(this.random, valueL,
valueN, seedLen);
BigInteger paramP = pAndQ[0];
BigInteger paramQ = pAndQ[1];
*** 208,224 ****
int outLen = hashObj.getDigestLength()*8;
int n = (valueL - 1) / outLen;
int b = (valueL - 1) % outLen;
byte[] seedBytes = new byte[seedLen/8];
BigInteger twoSl = TWO.pow(seedLen);
! int primeCertainty = 80; // for 1024-bit prime P
! if (valueL == 2048) {
primeCertainty = 112;
- //} else if (valueL == 3072) {
- // primeCertainty = 128;
}
BigInteger resultP, resultQ, seed = null;
int counter;
while (true) {
do {
/* Step 5 */
--- 202,221 ----
int outLen = hashObj.getDigestLength()*8;
int n = (valueL - 1) / outLen;
int b = (valueL - 1) % outLen;
byte[] seedBytes = new byte[seedLen/8];
BigInteger twoSl = TWO.pow(seedLen);
! int primeCertainty = -1;
! if (valueL <= 1024) {
! primeCertainty = 80;
! } else if (valueL == 2048) {
primeCertainty = 112;
}
+ if (primeCertainty < 0) {
+ throw new ProviderException("Invalid valueL: " + valueL);
+ }
BigInteger resultP, resultQ, seed = null;
int counter;
while (true) {
do {
/* Step 5 */
< prev index next >